Bocha Web Search

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: bocha-web-search-yikailucas
Version: 1.0.2

The skill is classified as suspicious primarily because of the `--raw-json` parameter in `scripts/bocha.mjs`. This parameter allows arbitrary JSON to be passed directly into the API request body, giving broad and unconstrained control over the payload sent to the external Bocha API. While intended for advanced usage, this capability could be leveraged by a malicious prompt to the agent to interact with the external API in unintended or harmful ways, potentially exploiting vulnerabilities in the upstream API or performing actions beyond the skill's stated purpose. No direct malicious intent (e.g., data exfiltration, persistence, local system compromise) was found in the skill's code or in `SKILL.md`.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using the skill must provide a Bocha API key, and requests will be billed or authorized under that Bocha account according to Bocha's rules.

Why it was flagged

The script retrieves a Bocha API key from the environment or config file and uses it for authenticated API requests. This is purpose-aligned, but it is still account credential use.

Skill content

if (process.env.BOCHA_API_KEY?.trim()) return process.env.BOCHA_API_KEY.trim(); ... Authorization: `Bearer ${apiKey}`

Recommendation

Use a dedicated Bocha key with the minimum needed permissions, store it securely, and rotate it if it may have been exposed.

What this means

Search queries and any documents supplied through --raw-json may be processed by the Bocha service.

Why it was flagged

The script sends the constructed query or raw JSON payload to Bocha API endpoints. This is expected for a search/rerank connector, but it means user-provided content leaves the local environment.

Skill content

case 'rerank': return 'https://api.bochaai.com/v1/semantic-reranker'; ... body: JSON.stringify(payload)

Recommendation

Avoid sending secrets, private documents, regulated data, or sensitive business information unless you are comfortable sharing it with Bocha under its terms.

What this means

Running the shortcut search script executes included Node.js code locally.

Why it was flagged

The helper starts the included bocha.mjs script with a fixed argument array. This is a local wrapper for the documented search function rather than arbitrary shell execution.

Skill content

const ret = spawnSync(process.execPath, [bochaPath, 'web', '--query', query, '--count', String(count), '--pretty'], {

Recommendation

Review the included scripts before use if you do not trust the publisher; no hidden or unrelated command execution is shown in the provided files.